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DETAILED ACTION 

1 . This action is in response to the communication filed on October 23, 2001 . 
Claims 1-19 were originally received for consideration. No preliminary amendments for 
the claims were received. Claims 1 - 19 are currently being examined. 

Information Disclosure Statement 

2. An initialed and dated copy of Applicant's IDS form 1449, received 10/23/2001, is 
attached to this Office action. 

Claim Rejections - 35 USC §112 

3. Claim 5 recites the limitation "document location" in the first line of the claim. 
There is insufficient antecedent basis for this limitation in the claim. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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4. Claims 1-10, 12-19 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over Foth (U.S. Patent Application Publication No. 2003/0068045) in view of McGarvey 
etal. (U.S. Patent Application Publication No. 2003/0028773). 

Regarding claim 1, Foth discloses: 

In a client-server-document repository system, a secure method, comprising: 

"sending, from the client to the server, user credentials to release a 
document and the address of the document' (page 2: paragraphs 23-24); 

"verifying, at the server, the user's credential' (page 2: paragraphs 23-24); 

"sending, from the server to the document repository, server credentials, 
and the address of the document' (page2: paragraphs 23-24) 

"verifying, at the document repository, the server's credentials" (page 2: 
paragraphs 23-24); 

"providing the document to the servei" (page 2: paragraph 24); and 

"performing the action on the document' (page 2: paragraph 24). 

Foth does not explicitly disclose the method of "using a delegation credential in 
conjunction with user and server credentials to permit the server to perform an 
action on the document. McGarvey discloses using a delegation credential in 
conjunction with user and server credentials to permit the server to perform an action on 
the document (page 4-5: paragraphs 45-52). McGarvey delineates a client sending a 
signed credential to a middle-tier server (server), which then sends the credential to a 
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back-end server (document repository) for authentication on behalf of the client. 
McGarvey states that tiered network approaches are common, whereby in a tiered 
approach, the originator for a unit of work communicates via a client program, which 
then communicates with a middle-tier server (i.e. a web server) which then can access 
a database or other resource managers (i.e. document repository) (page 1 : paragraph 
2). McGarvey further states that "such a tiered approach to network applications may 
create a need for the secure propagation of security credentials of the request originator 
through each of the tiers of the application" (page 1 : paragraph 3) and that "in such 
propagation of secure credentials, the request originator delegates to middle-tier 
servers the authority to access other servers on their behalf (page 1 : paragraph 3). 
Foth and McGarvey are analogous arts in that both deal with a tiered approach to 
access information from a back-end server (document repository) by going through a 
middle-tier server. The middle-tier server as applied to Foth would be the printer with 
the built in adaptor, and the back-end server would be the document repository where 
the document that is requested to be printed resides. Therefore, it would have been 
obvious to one of ordinary skill in the art at the time the invention was made to use the 
delegation credentials provided by McGarvey in conjunction with the user and server 
credentials of Foth, to allow the propagation of security credentials by allowing the 
middle-tier server to act on behalf of the client in accessing the back-end servers. 



Claim 2 is rejected as applied above in rejecting claim 1 . Furthermore, Foth discloses: 
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The method of claim 1 , wherein "the server comprises a printer" (page 2: 
paragraph 20). 

Claim 3 is rejected as applied above in rejecting claim 1 . Furthermore, Foth discloses: 
The method of claim 1 , wherein "the server comprises a multi-function device 
for printing, faxing and scanning" (page 2: paragraph 20). 

Claim 4 is rejected as applied above in rejecting claim 1 . Furthermore, Foth discloses: 
The method of claim 1, further comprising "establishing a secure connection 
between the client and server prior to sending the user credentials, delegation 
credential and location of the document' (page 2: paragraph 21 ). 

Claim 5 is rejected as applied above in rejecting claim 1 . Furthermore, Foth discloses: 

The method of claim 1 , wherein "the document location comprises a URL" 
(page 2: paragraph 23). 

Claim 6 is rejected as applied above in rejecting claim 1 . Furthermore, Foth discloses: 
The method of claim 1 , wherein the delegation credential comprises: 
"URL of the server" (page 2: paragraphs 23-24); 
"URL of the document to be fetched' (page 2: paragraphs 23-24); 
Foth does not explicitly disclose a certificate signed by the client, the delegator, 
delegatee, and the access rights delegated to the server. McGarvey discloses a 



Application/Control Number: 10/001,449 Page 6 

Art Unit: 2131 

credential which has a pre-nonce token which contains the identity of the middle-tier 
server (page 4: paragraph 47), a nonce signed by the client (digital certificate), and a 
random number which can be used for designating the rights of the server by containing 
an expiration date (pages 4-5: paragraphs 47-52). 

Claim 7 is rejected as applied above in rejecting claim 1 . Furthermore, Foth discloses: 
The method of claim 1 , wherein the client comprises "a mobile device" (page 2: 
paragraph 21). 

Claim 8 is rejected as applied above in rejecting claim 7. Furthermore, Foth discloses: 

The method of claim 7, wherein the mobile device comprises "a PDA" (page 2: 
paragraph 21). 

Claim 9 is rejected as applied above in rejecting claim 7. Furthermore, Foth discloses: 

The method of claim 7, wherein the mobile device comprises "a cell phone" 
(page 2: paragraph 21). 

Claim 10 is rejected as applied above in rejecting claim 1 . Furthermore, Foth discloses: 

The method of claim 1 . 
Foth does not explicitly disclose the delegation credential including a time limit, wherein 
upon expiration of the time limit, the server's permissions expire. McGarvey discloses a 
random number, which has an expiration date, and at the back-end server, if it is 
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determined that the random number received from the middle-tier server is expired, the 
delegation credential is not authenticated. 



Claim 12 is rejected as applied above in rejecting claim 1 . Furthermore, Foth discloses: 

The method of claim 1 . 
Foth does not explicitly disclose that the delegation credential comprises a Satchel 
token. McGarvey discloses that the delegation credential includes a pre-nonce token 
which is used for authenticating to a back-end server. 

Claim 13 is rejected as applied above in rejecting claim 1 . Furthermore, Foth discloses: 

The method of claim 1 . 
Foth does not explicitly disclose that the delegation credential comprises an SPKI 
certificate. McGarvey discloses that the delegation credential includes a nonce signed 
digitally signed by a user. 



Claim 14 is rejected as applied above in rejecting claim 1 . Furthermore, Foth discloses: 

The method of claim 1 , wherein "the server comprises a printer" (page2: 
paragraph 20) and the action comprises "printing the document (page 2: paragraph 
24) and wherein the verifying step comprises "verifying if the client has rights on the 
printer and if not sending an error message to the client (page 2: paragraph 23). 
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Claim 15 is rejected as applied above in rejecting claim 14. Furthermore, Foth 
discloses: 

The method of claim 14. Foth does not explicitly state "verifying, at the printer, if 
sufficient media is available." However, it was well-known in the art at the time the 
invention was made, that every time a print job is sent to a printer, that the printer 
checks if it has sufficient memory to process the request. Therefore it would have been 
obvious to one of ordinary skill in the art at the time the invention was made, to check 
for sufficient media before commencing the print job. 

Claim 16 is rejected as applied above in rejecting claim 15. Furthermore, Foth 
discloses: 

The method of claim 15. Foth does not explicitly disclose "upon printing the 
document, sending the client a notice." However, it was well-known in that art at the 
time of invention was made, that when a print job is completed, a notice will be sent to 
the client. Foth discloses a "secure retrieval of documents" (Abstract) which would 
imply that a user would know exactly when the print job was completed. Therefore, it 
would have been obvious to one of ordinary skill in the art at the time the invention was 
made, to have the server send the client a notice when printing had completed. 

Claim 17 is rejected as applied above in rejecting claim 3. Furthermore, Foth discloses: 
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The method of claim 3, wherein "the delegation credential includes the 
client's access rights associated with the document and constraints on the 
server" (page 2: paragraph 23). 

Claim 18 is rejected as applied above in rejecting claim 17. Furthermore, Foth 
discloses: 

The method of claim 17, wherein "the client's access rights include printing, 
faxing, copying, and fetching" (page 2: paragraph 23-24). 
Foth does not explicitly disclose the server's constraints include a predetermined 
number of copies that may be made and a predetermined period of time in which 
actions on the document maybe provided." McGarvey discloses a random number, 
which has an expiration date, and at the back-end server, if it is determined that the 
random number received from the middle-tier server is expired, the delegation 
credential is not authenticated. 

Regarding claim 19, Foth discloses: 

In a client-server-document repository system, a secure method, comprising: 
"sending, from the client to the server, user credentials to release a 

plurality of documents and the address of the document' (page 2: paragraphs 23- 

24); 

"verifying, at the server, the user's credential' (page 2: paragraphs 23-24); 
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' sending, from the server to the document repository, server credentials, 
and the address of the document 1 (page2: paragraphs 23-24) 

' verifying, at the document repository, the server's credentials" (page 2: 
paragraphs 23-24); 

"providing the document to the serve? (page 2: paragraph 24); and 
'performing the action on the document (page 2: paragraph 24). 
Foth does not explicitly disclose the method of 'using a plurality of delegation 
credentials in conjunction with user and server credentials to permit the server to 
perform an action on the document 1 . McGarvey discloses using a delegation 
credential in conjunction with user and server credentials to permit the server to perform 
an action on the document (page 4-5: paragraphs 45-52). McGarvey delineates a 
client sending a signed credential to a middle-tier server (server), which then sends the 
credential to a back-end server (document repository) for authentication on behalf of the 
client. A plurality of credentials can be sent if there is a plurality of documents that need 
to be retrieved. McGarvey states that tiered network approaches are common, whereby 
in a tiered approach, the originator for a unit of work communicates via a client program, 
which then communicates with a middle-tier server (i.e. a web server) which then can 
access a database or other resource managers (i.e. document repository) (page 1 : 
paragraph 2). McGarvey further states that "such a tiered approach to network 
applications may create a need for the secure propagation of security credentials of the 
request originator through each of the tiers of the application" (page 1 : paragraph 3) 
and that "in such propagation of secure credentials, the request originator delegates to 
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middle-tier servers the authority to access other servers on their behalf (page 1 : 
paragraph 3). Foth and McGarvey are analogous arts in that both deal with a tiered 
approach to access information from a back-end server (document repository) by going 
through a middle-tier server. The middle-tier server as applied to Foth would be the 
printer with the built in adaptor, and the back-end server would be the document 
repository where the document that is requested to be printed resides. Therefore, it 
would have been obvious to one of ordinary skill in the art at the time the invention was 
made to use the delegation credentials provided by McGarvey in conjunction with the 
user and server credentials of Foth, to allow the propagation of security credentials by 
allowing the middle-tier server to act on behalf of the client in accessing the back-end 
servers. 

5. Claim 1 1 is rejected under 35 U.S.C. 103(a) as being unpatentable over Foth 
(U.S. Patent Application Publication No. 2003/0068045) in view of McGarvey et al. (U.S. 
Patent Application Publication No. 2003/0028773) and further in view of Taniguchi et al. 
(U.S. Patent 6,801,962). 

Claim 1 1 is rejected as applied above in rejecting claim 1 . The Foth-McGarvey 
combination does not explicitly teach that a delegation credential is used for authorizing 
payment for the action, sending the delegation credential to a payment provider, and 
verifying the credentials at the payment provider. Taniguchi discloses a mobile device 
in communication with a server, whereby the user authenticates to the server, and a 
print job is processed by request from the user, and the printing of the document is 
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charged allowing a user to "make use of a pay print service utilizing the portable 
terminal device at an arbitrary place where the image forming device is provided" 
(column 2 lines 20-43). The Foth-McGarvey combination teaches sending a delegation 
credential from a client to a server, and sending a delegation credential from a middle- 
tier server to a back-end server, and verifying the delegation credential and the server 
credential at the back-end server. Foth-McGarvey and Taniguchi are analogous arts as 
all deal with servers, and Taniguchi deals with printing using a mobile device in the 
same manner as Foth. It is obvious that the back-end server can be a billing server 
(payment provider), and the user can delegate the server to act on its behalf using the 
same logic described in rejecting claim 1, to provide payment. Therefore it would have 
been obvious to one of ordinary skill in the art at the time the invention was made to use 
the payment process disclosed by Taniguchi in conjunction with the system of Foth- 
McGarvey to allow a user to "make use of a pay print service utilizing the portable 
terminal device at an arbitrary place where the image forming device is provided" 
(Taniguchi, column 2 lines 20-43). 
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Conclusion 



6. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kaveh Abrishamkar whose telephone number is 571- 
272-3786. The examiner can normally be reached on Monday thru Friday 8-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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